﻿Imports System.Data.SqlClient

Public Class admadduser
    Inherits System.Web.UI.Page
    Private objrd As SqlDataReader = Nothing
    Private objfind As New GetData
    Private sSQL As String
    Private ps As New PreparedStatement(sSQL)
    Dim strErr As String = ""

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        If (Session("admin_ID") <> Nothing And Session("admin_ID") <> "") Then
            If Request("btnCreate") <> Nothing And Request("btnCreate") = "Create" Then
                Exit Sub
            End If
            sSQL = "select * from user_roles"
            ps.strSql = sSQL
            Dim conn As SqlConnection = objfind.getConn()

            objrd = objfind.dr(ps, strErr, conn, objrd)
            While (objrd.Read())
                role.Items.Add(New ListItem(
                 objrd("label").ToString(), objrd("role_ID").ToString()))
            End While
            objfind.closeConn(conn)

        Else
            Response.Redirect("../adm_login.aspx")
        End If
    End Sub

    Protected Sub btnCancel_Click(sender As Object, e As EventArgs) Handles btnCancel.Click
        Response.Redirect("userMngt_default.aspx")
    End Sub

    Protected Sub btnCreate_Click(sender As Object, e As EventArgs) Handles btnCreate.Click
        Dim strUID, strSup As String
        Dim fname, lname, strEmail, strPhone, strExt As String
        Dim pwd1, pwd2, lct As String
        strUID = UID.Text
        pwd1 = Password.Text
        pwd2 = PasswordConfirm.Text
        fname = firstname.Text
        lname = lastname.Text
        lct = location.Text
        strEmail = Email.Text
        strPhone = Phone.Text
        strExt = Ext.Text
        strSup = supervisor.Text
        sSQL = "select  adminuser_id  from  adm_user where adminuser_id=@id"
        ps.addParameter("id", strUID)
        ps.strSql = sSQL
        Dim conn As SqlConnection = objfind.getConn()

        objrd = objfind.dr(ps, strErr, conn, objrd)
        If objrd.HasRows Then
            result.InnerHtml = ""
            result.InnerHtml = "<center><b><font color=""#FF0000""> Error: That User ID already exists</font></b></center>"
            objfind.closeConn(conn)

            Exit Sub
        End If
        If strUID = "" Then
            result.InnerHtml = ""
            result.InnerHtml = "<center><b><font color=""#FF0000""> Pleas enter your User ID</font></b></center>"
            objfind.closeConn(conn)

            Exit Sub
        End If
        If pwd1 = "" Then
            result.InnerHtml = ""
            result.InnerHtml = "<center><b><font color=""#FF0000""> Pleas enter your password</font></b></center>"
            objfind.closeConn(conn)

            Exit Sub
        End If
        If fname = "" Then
            result.InnerHtml = ""
            result.InnerHtml = "<center><b><font color=""#FF0000""> Pleas enter your first name</font></b></center>"
            objfind.closeConn(conn)

            Exit Sub
        End If
        If lname = "" Then
            result.InnerHtml = ""
            result.InnerHtml = "<center><b><font color=""#FF0000""> Pleas enter your last name</font></b></center>"
            objfind.closeConn(conn)

            Exit Sub
        End If
        If strEmail = "" Then
            result.InnerHtml = ""
            result.InnerHtml = "<center><b><font color=""#FF0000""> Pleas enter your email address</font></b></center>"
            objfind.closeConn(conn)

            Exit Sub
        End If
        If strSup = "" Then
            result.InnerHtml = ""
            result.InnerHtml = "<center><b><font color=""#FF0000""> Pleas enter your supervisor</font></b></center>"
            objfind.closeConn(conn)

            Exit Sub
        End If
        If pwd1 <> pwd2 Then
            result.InnerHtml = ""
            result.InnerHtml = "<center><b><font color=""#FF0000""> The password you enter and re-enter did not match.please try again.</font></b></center>"
            objfind.closeConn(conn)

            Exit Sub
        End If
        Dim sh As New SHA1
        sSQL = "insert into adm_user (adminuser_id,password,role_ID,first_name,last_name,phone,email_address,supervisor,active,CreateDate,extension,location)"
        sSQL = sSQL & " values (@id,@password,@role,@firstname,@lastname,@phone,@email,@supervisor,@active,@createDate,@extension,@location)"
        ps.addParameter("password", sh.mySHA(pwd1))
        ps.addParameter("role", role.SelectedValue)
        ps.addParameter("firstname", fname)
        ps.addParameter("lastname", lname)
        ps.addParameter("phone", strPhone)
        ps.addParameter("email", strEmail)
        ps.addParameter("supervisor", strSup)
        ps.addParameter("active", 1)
        ps.addParameter("createDate", Now)
        ps.addParameter("extension", strExt)
        ps.addParameter("location", lct)
        ps.strSql = sSQL
        objfind.es(ps, strErr)
        If strErr = Nothing Or strErr = "" Then
            result.InnerHtml = ""
            result.InnerHtml = "<center><b><font color=""#FF0000""> Add Success！</font></b></center>"
            UID.Text = ""
            firstname.Text = ""
            lastname.Text = ""
            location.Text = ""
            Email.Text = ""
            Phone.Text = ""
            Ext.Text = ""
            supervisor.Text = ""
            role.SelectedIndex = 0
        Else
            result.InnerHtml = ""
            result.InnerHtml = "<center><b><font color=""#FF0000"">Error！</font></b><p>" & strErr & "</p></center>"
        End If
        objfind.closeConn(conn)

    End Sub


End Class